• Proceedings of the Safety Management and Science Conference
• /
• 2005.05a
• /
• pp.453-459
• /
• 2005

On this research, we show some concrete examples as software design, 2D/3D display, graph display, and gage display to develop a data monitoring system for real time safe fire testing. Developed software which is simulation software for live fire testing, has been designed to display informations about whole test status in a live fire testing, and with this, user can control a live fire testing under the safe environment. Beside, we increase a security by using a authority of user to access on this software. and we develop it based on module designed to apply a requirement of user later on.

• Journal of the Korea Safety Management & Science
• /
• v.7 no.2
• /
• pp.65-72
• /
• 2005

On this research, we show some concrete examples as software design, 2D/3D display, graph display, and gage display to develop a data monitoring system for real time safe fire testing. Developed software which is simulation software for live fire testing, has been designed to display informations about whole test status in a live fire testing, and with this, user can control a live fire testing under the safe environment. Beside, we increase a security by using a authority of user to access on this software. and we develop it based on module designed to apply a requirement of user later on.

• Journal of Convergence for Information Technology
• /
• v.10 no.5
• /
• pp.16-22
• /
• 2020

In this paper, the technology and capabilities required for the job of developing security software recommended by the Cybersecurity Human Resources Development Framework of the National Initiative for Cybersecurity Education (NICE) were studied. In this paper, we describe what security skills are needed for the task of developing security software and what security capabilities should be held. The focus of this paper is to analyze the consistency between security technologies (core and specialized technologies) required for security software development tasks and the curriculum of information protection-related departments located in Seoul, Korea. The reason for this analysis is to see how the curriculum at five universities in Seoul is suitable for performing security software development tasks. In conclusion, if the five relevant departments studied are to intensively train developers of development tasks for security software, they are commonly required to train security testing and software debugging, how secure software is developed, risk management, privacy and information assurance.

• Convergence Security Journal
• /
• v.15 no.4
• /
• pp.3-9
• /
• 2015

A web application that allows a web service created by a internal developer who has security awareness show certain level of security. However, in the case of development by outsourcing, it is inevitable to implement the development centered on requested function rather than the issue of security. Thus in this paper, we improve the software testing process focusing on security for exclusion the leakage of important information and using an unauthorized service that results from the use of the vulnerable web application. The proposed model is able to consider security in the initial stage of development even when outsourced web application, especially, It can prevent the development schedule delay caused by the occurrence of modification for program created by programer who has low security awareness. This result shows that this model can be applied to the national defense area for increasing demand web application centered resource management system to be able to prevent service of web application with security vulnerability based on high test.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.9-16
• /
• 2012

Due to the large scale application of software systems, software reliability plays an important role in software developments. In this paper, a software reliability growth model (SRGM) is proposed for testing time. The testing time on the right is truncated in this model. The intensity function, mean-value function, reliability of the software, estimation of parameters and the special applications of Pareto NHPP model are discussed. This paper, a numerical example of applying using time between failures and parameter estimation using maximum likelihood estimation method, after the efficiency of the data through trend analysis model selection, depended on difference between predictions and actual values, were efficient using the mean square error and $R_{SQ}$.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.125-142
• /
• 2021

Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.261-273
• /
• 2022

Over the last decade, the scientific community has been actively developing technologies for automated software bug fixes called Automated Program Repair (APR). Several APR techniques have recently been proposed to effectively address multiple classroom programming errors. However, little attention has been paid to the advances in effective APR techniques for software bugs that are widely occurring during the software life cycle maintenance phase. To further enhance the concept of software testing and debugging, we recommend an optimized automated software repair approach based on hybrid technology (OAPR-HOML'1). The first contribution of the proposed OAPR-HOML'1 technique is to introduce an improved grasshopper optimization (IGO) algorithm for fault location identification in the given test projects. Then, we illustrate an opposition learning based artificial neural network (OL-ANN) technique to select AST node-level transformation schemas to create the sketches which provide automated program repair for those faulty projects. Finally, the OAPR-HOML'1 is evaluated using Defects4J benchmark and the performance is compared with the modern technologies number of bugs fixed, accuracy, precession, recall and F-measure.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.73-80
• /
• 2011

In this study, software products developed in the course of testing, software managers in the process of testing software and tools for effective learning effects perspective has been studied using the NHPP software. The delayed software S-shaped reliability model applied to distribution was based on finite failure NHPP. Software error detection techniques known in advance, but influencing factors for considering the errors found automatically and learning factors, by prior experience, to find precisely the error factor setting up the testing manager are presented comparing the problem. As a result, the learning factor is greater than automatic error that is generally efficient model could be confirmed. This paper, numerical example of applying using time between failures and parameter estimation using maximum likelihood estimation method, after the efficiency of the data through trend analysis model selection were efficient using the mean square error and $R^2$(coefficient of determination).

• Convergence Security Journal
• /
• v.13 no.6
• /
• pp.35-41
• /
• 2013

What is an alternative to medical information security of medical information more secure preservation and safety of various types of security threats should be taken, starting from the software design. Interspersed with medical information systems medical information to be able to integrate the real-time exchange of medical information must be reliable data communication. The software architecture design of medical information systems and sharing of medical information security issues and communication phase allows the user to identify the requirements reflected in the software design. Software framework design, message standard design, design a web-based inter-process communication procedures, access control algorithm design, architecture, writing descriptions, evaluation of various will procedure the establishing architecture. The initial decision is a software architecture design, development, testing, maintenance, ongoing impact. In addition, the project will be based on the decision in detail. Medical information security method based on the design software architecture of today's medical information security has become an important task of the framework will be able to provide.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.255-268
• /
• 2004

User authentication is indispensable in computer login and internet banking. Usability as well as security is needed in user authentication software. To develop the software systematically, development process must be defined, and it can result in the improvement of software maturity. In this paper, a process needed to develop user authentication software systematically is proposed from experience of developing visual password input software. This process is composed of 6 phases and 15 activities. It is able to improve usability with its requirement analysis, planning, integration testing, and acceptance testing activity.